Windows server 2008 all in one desk reference for dummies

1. by John Paul MuellerWindowsServer2008A L L - I N - O N E D E S K R E F E R E N C EFORDUMmIES01_180440 ffirs.qxp 3/12/08 10:39 PM Page i

2. 01_180440 ffirs.qxp 3/12/08 10:39 PM Page iv 3. by John Paul MuellerWindowsServer2008A L L - I N - O N E D E S K R E F E R E N C EFORDUMmIES01_180440 ffirs.qxp 3/12/08 10:39 PM Page i 4. Windows Server2008 All-in-One Desk Reference For DummiesPublished byWiley Publishing, Inc.111 River StreetHoboken, NJ 07030-5774www.wiley.comCopyright 2008 by Wiley Publishing, Inc., Indianapolis, IndianaPublished by Wiley Publishing, Inc., Indianapolis, IndianaPublished simultaneously in CanadaNo part of this publication may be reproduced, stored in a retrieval system or transmitted in any formor by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except aspermitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the priorwritten permission of the Publisher, or authorization through payment of the appropriate per-copy feeto the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978)646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, WileyPublishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, oronline at http://www.wiley.com/go/permissions.Trademarks: Wiley, the Wiley Publishing logo, For Dummies, the Dummies Man logo, A Reference for theRest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, and related tradedress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the UnitedStates and other countries, and may not be used without written permission. Microsoft and WindowsServer are registered trademarks of Microsoft Corporation in the United States and/or other countries.All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associatedwith any product or vendor mentioned in this book.LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONSOR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK ANDSPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PAR-TICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THEADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLDWITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OROTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENTPROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FORDAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORKAS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOROR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOM-MENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THISWORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.For general information on our other products and services, please contact our Customer CareDepartment within the U.S. at 800-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002.For technical support, please visit www.wiley.com/techsupport.Wiley also publishes its books in a variety of electronic formats. Some content that appears in print maynot be available in electronic books.Library of Congress Control Number: 2008924084ISBN: 978-0-470-18044-0Manufactured in the United States of America10 9 8 7 6 5 4 3 2 101_180440 ffirs.qxp 3/12/08 10:39 PM Page ii 5. About the AuthorJohn Mueller is a freelance author and technical editor. He has writing in hisblood, having produced 78 books and over 300 articles to date. The topicsrange from networking to artificial intelligence and from database manage-ment to heads-down programming. Some of his current books include aWindows power optimization book, a book on .NET security, and books onAmazon Web Services, Google Web Services, and eBay Web Services. Histechnical editing skills have helped over 52 authors refine the content oftheir manuscripts. John has provided technical editing services to both DataBased Advisor and Coast Compute magazines. He has also contributed articlesto a number of magazines, including CIO.com, DevSource, InformIT, Informant,DevX, SQL Server Professional, Visual C++ Developer, Hard Core Visual Basic,asp.netPRO, Software Test and Performance, and Visual Basic Developer.When John isnt working at the computer, you can find him in his workshop.Hes an avid woodworker and candlemaker. On any given afternoon, you canfind him working at a lathe or putting the finishing touches on a bookcase. Healso likes making glycerin soap, which comes in handy for gift baskets. Youcan reach John on the Internet at [email protected]. John is also settingup a Web site at http://www.mwt.net/~jmueller/; feel free to look andmake suggestions on how he can improve it. Check out his weekly blog athttp://www.amazon.com/gp/blog/id/AQOA2QP4X1YWP.01_180440 ffirs.qxp 3/12/08 10:39 PM Page iii 6. 01_180440 ffirs.qxp 3/12/08 10:39 PM Page iv 7. DedicationThis book is dedicated to the beauty of nature around my home and what itmeans to me. No, it has nothing to do with computers, but thats what makesnature so amazing. Snow falling, crisp winter days, trees in spring, tomatoesin the garden, falling leaves, deer and quail, and all of the other things that Imight miss if I never left my desk to see them leave me awestruck at thediversity of our earth and the God who created it.Authors AcknowledgmentsThanks to my wife, Rebecca, for working with me to get this book completed.I really dont know what I would have done without her help in researchingand compiling some of the information that appears in this book. She also dida fine job of proofreading my rough draft.Russ Mullen deserves thanks for his technical edit of this book. He greatlyadded to the accuracy and depth of the material that you see here. I reallyappreciate the time that he devoted to checking my procedures for accuracy.I also spent a good deal of time bouncing ideas off Russ as I wrote this book,which is a valuable aid to any author.Matt Wagner, my agent, deserves credit for helping me get the contract in thefirst place and for taking care of all the details that most authors dont reallyconsider. I always appreciate his assistance. Its good to know that someonewants to help.A number of people read all or part of this book to help me refine theapproach, test the procedures, and generally provide input that every readerwishes they could have. These unpaid volunteers helped in ways too numer-ous to mention here. I especially appreciate the efforts of Eva Beattie, whoread the entire book and selflessly devoted herself to this project. Id love tothank by name each person who wrote me with an idea, but there are simplytoo many.Finally, I would like to thank Katie Feltman, Nicole Sholly, Rebecca Whitney,and the rest of the editorial and production staff for their assistance inbringing this book to print. Its always nice to work with such a great groupof professionals.01_180440 ffirs.qxp 3/12/08 10:39 PM Page v 8. Publishers AcknowledgmentsWere proud of this book; please send us your comments through our online registration formlocated at www.dummies.com/register/.Some of the people who helped bring this book to market include the following:Acquisitions, EditorialProject Editor: Nicole ShollySr. Acquisitions Editor: Katie FeltmanCopy Editor: Rebecca WhitneyTechnical Editor: Russ MullenEditorial Manager: Kevin KirschnerEditorial Assistant: Amanda FoxworthSr. Editorial Assistant: Cherie CaseCartoons: Rich Tennant(www.the5thwave.com)Composition ServicesProject Coordinator: Erin SmithLayout and Graphics: Claudia Bell,Stacie Brooks, Melissa K. Jester,Christine WilliamsProofreader: Catie Kelly, Tricia LiebigIndexer: WordCo Indexing ServicesPublishing and Editorial for Technology DummiesRichard Swadley, Vice President and Executive Group PublisherAndy Cummings, Vice President and PublisherMary Bednarek, Executive Acquisitions DirectorMary C. Corder, Editorial DirectorPublishing for Consumer DummiesDiane Graves Steele, Vice President and PublisherJoyce Pepple, Acquisitions DirectorComposition ServicesGerry Fahey, Vice President of Production ServicesDebbie Stailey, Director of Composition Services01_180440 ffirs.qxp 3/12/08 10:39 PM Page vi 9. Table of ContentsIntroduction..................................................................1About This Book...............................................................................................2Conventions Used in This Book .....................................................................2What You Should Read ....................................................................................3What You Dont Have to Read ........................................................................4Foolish Assumptions .......................................................................................4How This Book Is Organized...........................................................................5Book I: Installation and Setup ...............................................................5Book II: Configuration ............................................................................5Book III: Administration.........................................................................5Book IV: Networking...............................................................................6Book V: Security .....................................................................................6Book VI: Windows PowerShell..............................................................6Book VII: IIS .............................................................................................7Book VIII: Services..................................................................................7Icons Used in This Book..................................................................................7Where to Go from Here....................................................................................8Part I: Installation and Setup.........................................9Chapter 1: An Overview of Windows Server 2008 . . . . . . . . . . . . . . . . .11An Overview of Major New Features in Windows Server 2008 ................12BitLocker drive encryption.................................................................12Enhanced Windows Firewall ...............................................................12Federated rights management............................................................14Improved failover clustering...............................................................14Internet Information Server (IIS) 7.....................................................15Internet Protocol version 6 (IPv6)......................................................16.NET Framework 3.0 .............................................................................17Network access protection (NAP) and enforcement.......................18New printer and storage options .......................................................19Read-only domain controller (RODC)................................................20Windows Deployment Services ..........................................................21Considering the Windows Server 2008 Editions ........................................22Memory considerations ......................................................................23Other hardware considerations .........................................................23Standard ................................................................................................24Enterprise..............................................................................................24Datacenter.............................................................................................24Web.........................................................................................................2402_180440 ftoc.qxp 3/14/08 5:46 PM Page vii 10. Windows Server 2008 All-In-One Desk Reference For DummiesviiiUnderstanding Windows Server 2008 Server Core....................................25Creating lightweight servers with specific roles..............................26Working with Windows Server Virtualization (WSV).......................26Defining the Benefits of Windows Server Manager....................................27Considering Windows PowerShell ...............................................................28Communicating with Terminal Services (TS).............................................29TS Easy Print.........................................................................................29TS Gateway............................................................................................29TS RemoteApp ......................................................................................29TS Session Broker.................................................................................30TS Web Access......................................................................................30Chapter 2: Using the Boot Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . .31Accessing the Boot Diagnostics...................................................................33Starting diagnostics from the boot CD ..............................................34Starting diagnostics from the boot menu..........................................36Using a Special Boot Mode............................................................................37Working with the Safe Mode options .................................................37Enabling boot logging ..........................................................................40Enabling low-resolution video ............................................................42Using the last known good configuration..........................................42Using Directory Services Restore mode............................................43Using debugging mode ........................................................................44Disabling the automatic restart on system failure...........................45Disabling driver signature enforcement............................................45Performing a Memory Test ...........................................................................49Performing a Windows Complete PC Restore ............................................50Using the Command Prompt.........................................................................52Chapter 3: Performing the Basic Installation . . . . . . . . . . . . . . . . . . . . .55An Overview of the Installation Prerequisites............................................56Choosing a processor configuration..................................................57Considering the version and edition requirements.........................59Understanding the minimum requirements......................................60Deciding between a DVD and Windows installation........................62Considering Pre-Installation Requirements................................................64Preparing a forest for installation ......................................................66Preparing a domain for installation ...................................................67Performing a DVD Installation......................................................................68Performing a Windows Installation..............................................................72Considering the Windows Installation Alternatives ..................................78Performing an Initial Configuration .............................................................79Chapter 4: Performing Initial Configuration Tasks . . . . . . . . . . . . . . . .83An Overview of the Initial Configuration Tasks Window ..........................84Understanding the default Windows Server 2008 settings .............85An overview of the configuration process........................................86Reopening the Initial Configuration Tasks window..........................8802_180440 ftoc.qxp 3/14/08 5:46 PM Page viii 11. Table of Contents ixProviding Computer Information.................................................................88Setting the time zone ...........................................................................88Providing a computer name and domain..........................................90Configuring networking .......................................................................92Updating Your Server ....................................................................................95Enabling automatic updating and feedback......................................95Downloading and installing updates................................................101Customizing Your Server.............................................................................103Adding roles........................................................................................104Adding features...................................................................................105Enabling Remote Desktop .................................................................106Configuring the Windows Firewall ...................................................107Configuring the Startup Options with BCDEdit........................................108Part II: Configuration ................................................111Chapter 1: Configuring Server Roles and Features . . . . . . . . . . . . . . .113Using the Server Manager Console............................................................113Working with roles .............................................................................115Working with features........................................................................125Performing diagnostics......................................................................126Performing configuration tasks ........................................................128Configuring and managing storage ..................................................129Using the ServerManagerCmd Utility........................................................130Understanding the Server Roles ................................................................134Considering the Active Directory Certificate Service role............134Considering the Active Directory Domain Services role...............135An overview of the Active Directory Federation Services role....135Working with the Active Directory LightweightDirectory Services role ..................................................................136Working with the Active Directory RightsManagement Services role ............................................................136Working with the Application Server role.......................................137Considering the DHCP Server role...................................................137Considering the DNS Server role......................................................137An overview of the Fax Server role..................................................138An overview of the File Services role ..............................................138Considering the Network Policy and Access Services role ..........138Considering the Print Services role .................................................139Considering the Terminal Services role ..........................................139Considering the UDDI Services role.................................................139Considering the Web Server (IIS) role .............................................139Working with the Windows Deployment Services role .................139Working with the Windows SharePoint Services role....................140Understanding the Server Features...........................................................140Considering the .NET Framework 3.0 features ...............................140Considering the BitLocker Drive Encryption feature ....................14102_180440 ftoc.qxp 3/14/08 5:46 PM Page ix 12. Windows Server 2008 All-In-One Desk Reference For DummiesxConsidering the BITS Server Extensions feature............................141Working with the Connection ManagerAdministration Kit (CMAK) feature..............................................142Defining the Desktop Experience feature........................................142Considering the Failover Clustering feature ...................................142Considering the Group Policy Management feature......................143Considering the Internet Printing Client feature............................143Considering the Internet Storage Name Server feature ................143Considering the LPR Port Monitor feature .....................................143Considering the Message Queuing feature .....................................144Considering the Multipath I/O feature.............................................144Considering the Network Load Balancing feature .........................144Considering the Peer Name Resolution Protocol feature .............145Considering the Quality Windows AudioVideo Experience feature...............................................................145Working with the Remote Assistance feature.................................145Working with the Remote Differential Compression feature ........146Considering the Remote Server Administration Tools feature ....146Considering the Removable Storage Manager feature ..................147Working with the RPC over HTTP Proxy feature............................147Working with the Simple TCP/IP Services feature..........................147Considering the SMTP Server feature..............................................148Considering the SNMP Services feature..........................................148Considering the Storage Manager for SANs feature.......................148Working with the Subsystem for UNIX-basedApplications feature .......................................................................149Considering the Telnet Client feature..............................................149Considering the Telnet Server feature.............................................149Considering the TFTP Client feature................................................149An overview of the Windows Internal Database feature...............150Considering the Windows PowerShell feature ...............................150Considering the Windows Process Activation Service feature ....150Considering the Windows Recovery Disc feature..........................151Considering the Windows Server Backup features........................151Considering the Windows System Resource Manager feature.....151Considering the WINS Server feature ..............................................151Considering the Wireless LAN Service feature...............................152Chapter 2: Configuring Server Hardware . . . . . . . . . . . . . . . . . . . . . . .153Considering the Windows Scalability Improvements..............................154Working with Device Manager....................................................................155Managing the Device Manager display............................................157Viewing broken devices.....................................................................159Understanding resources ..................................................................160Viewing hidden devices.....................................................................163Scanning for new devices..................................................................166Working with older devices...............................................................166Viewing individual device settings...................................................16702_180440 ftoc.qxp 3/14/08 5:46 PM Page x 13. Table of Contents xiUpdating drivers.................................................................................169Configuring power management ......................................................172Using the Add Hardware Wizard ................................................................173Performing Hard-Drive-Related Tasks .......................................................175Encrypting your hard drive using BitLocker ..................................176Working with Multipath I/O...............................................................180Working with the Removable Storage Manager..............................182Working with SANs.............................................................................186Performing Printer-Related Tasks..............................................................187Working with the Printer Installation Wizard .................................188Configuring the printer options........................................................194Configuring an LPR printer ...............................................................203Performing Configuration Tasks.................................................................204Working with fonts .............................................................................204Configuring the keyboard..................................................................205Configuring the mouse.......................................................................206Configuring the phone and modem options ...................................208Setting the power management options..........................................209Configuring the sound options.........................................................211Chapter 3: Using the Control Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . .213Accessing the Control Panel.......................................................................213Bypassing the Control Panel to access applets..............................214Using CPL files to open applets........................................................214Using command objects to open applets........................................216Configuring the Control Panel ....................................................................218Using Category view ..........................................................................218Understanding the Control Panel groups........................................220Using Classic view..............................................................................221Understanding the Control Panel Applets ................................................223Add Hardware.....................................................................................223Administrative Tools..........................................................................224AutoPlay ..............................................................................................224Color Management .............................................................................225Date and Time.....................................................................................226Default Programs................................................................................228Device Manager ..................................................................................230Ease of Access/Ease of Access Center.............................................230Folder Options....................................................................................231Fonts.....................................................................................................231Indexing Options ................................................................................231Internet Options .................................................................................231iSCSI Initiator ......................................................................................232Keyboard .............................................................................................232Mouse...................................................................................................232Network and Sharing Center.............................................................232Offline Files..........................................................................................232Personalization...................................................................................23202_180440 ftoc.qxp 3/14/08 5:46 PM Page xi 14. Windows Server 2008 All-In-One Desk Reference For DummiesxiiPhone and Modem Options ..............................................................233Power Options ....................................................................................233Printers ................................................................................................233Problem Reports and Solutions........................................................233Programs and Features......................................................................233Regional and Language Options.......................................................234Sound ...................................................................................................234System..................................................................................................234Taskbar and Start Menu ....................................................................234Text to Speech ....................................................................................235User Accounts.....................................................................................235Windows Firewall ...............................................................................235Windows Update.................................................................................235Chapter 4: Working with Workgroups . . . . . . . . . . . . . . . . . . . . . . . . . .237Understanding Workgroups........................................................................238Understanding the pros of workgroups ..........................................238Understanding the cons of workgroups..........................................239Preparing to Create a Workgroup ..............................................................240Considering Centralized versus Group Sharing.......................................241Configuring the Server for a Workgroup...................................................242Adding groups to the workgroup .....................................................243Adding users to the workgroup........................................................247Removing users and groups from the workgroup..........................249Sharing storage resources in the workgroup..................................249Performing User Configuration for a Workgroup.....................................257Using the User Account window ......................................................257Modifying users with the Computer Management console ..........259Working with Peer Name Resolution Protocol .........................................260Chapter 5: Promoting Your Server to a Domain Controller . . . . . . . .261Understanding Domains..............................................................................261Preparing to Create a Domain ....................................................................263Performing the Domain Configuration Prerequisites ..............................264Checking for unsupported roles and features................................265Installing DNS......................................................................................266Installing WINS....................................................................................273Installing DHCP ...................................................................................273Configuring the Server for a Domain.........................................................276Performing the domain controller promotion................................276Configuring the user accounts..........................................................279Sharing resources on the domain ....................................................281Joining clients to the domain............................................................281Working with the Windows System Resource Manager (WSRM)...........282Understanding how WSRM works and what you gain from it ......283Creating new policies.........................................................................285Modifying and deleting policies .......................................................290Assigning system policies .................................................................29002_180440 ftoc.qxp 3/14/08 5:46 PM Page xii 15. Table of Contents xiiiPart III: Administration .............................................291Chapter 1: An Overview of the Administrative Tools Folder . . . . . . .293Accessing the Administrative Tools Folder..............................................294Understanding consoles....................................................................294Using MSC files to open consoles.....................................................295Considering the undiscovered MSC file ..........................................299Working with Common Administrative Tools Folder Features ..............302Event Viewer .......................................................................................302Services ...............................................................................................312System Configuration.........................................................................317Installing and Using the Remote Server Administration Tools ..............321Chapter 2: Setting Group Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . .323Understanding How Policies Work.............................................................323Starting the Group Policy Editor................................................................325Performing Computer Management ..........................................................326Modifying computer Software Settings ...........................................326Modifying computer Windows Settings...........................................326Using computer Administrative Templates ....................................329Performing User Configuration ..................................................................332Modifying user Software Settings.....................................................332Modifying user Windows Settings....................................................332Using user Administrative Templates..............................................334Disabling UAC on the Server ......................................................................334Viewing the Resultant Set of Policy (RSoP) ..............................................335Chapter 3: Configuring the Registry . . . . . . . . . . . . . . . . . . . . . . . . . . . .337Starting the Registry Editor........................................................................338Importing and Exporting Registry Elements ............................................339Performing a registry backup ...........................................................339Working with branches......................................................................341Modifying the REG files......................................................................342Using the Registry Editor at the command line .............................345Finding Registry Elements ..........................................................................345Performing the search .......................................................................346Setting registry entry favorites.........................................................347Understanding the Registry Data Types ...................................................347Working with strings ..........................................................................347Working with binary data..................................................................349Working with DWORD and QWORD data ........................................350Working with special data types ......................................................351Understanding the Hives.............................................................................351Locating the registry files..................................................................351Working with HKEY_CLASSES_ROOT ..............................................353Working with HKEY_CURRENT_USER..............................................354Working with HKEY_LOCAL_MACHINE...........................................35502_180440 ftoc.qxp 3/14/08 5:46 PM Page xiii 16. Windows Server 2008 All-In-One Desk Reference For DummiesxivWorking with HKEY_USERS...............................................................355Working with HKEY_CURRENT_CONFIG .........................................356Loading and unloading hives............................................................356Connecting to network registries.....................................................357Setting Registry Security.............................................................................357Chapter 4: Working with Active Directory . . . . . . . . . . . . . . . . . . . . . .359Understanding How Active Directory Works............................................360Configuring Objects in Active Directory...................................................360Using the Active Directory Domains and Trusts console .............360Using the Active Directory Sites and Services console.................364Using the Active Directory Users and Computers console ..........365Working with ADSIEdit.................................................................................372Creating a connection........................................................................372Viewing the database hierarchy.......................................................374Managing objects ...............................................................................375Chapter 5: Performing Standard Maintenance . . . . . . . . . . . . . . . . . .377Interacting with the System Applet ...........................................................378Activating Windows ...........................................................................379Using the System Properties dialog box links ................................379Configuring Your User Interface for Maximum Functionality.................380Defining the Folder Options settings ...............................................381Defining the Internet Options settings ............................................383Defining the personalization settings ..............................................389Defining the Problem Reports and Solutions settings...................391Defining the Regional and Language Options settings ..................392Defining the Taskbar and Start menu settings................................393Configuring the Windows performance options ............................396Understanding How UAC Affects Maintenance Tasks .............................397Adding and Removing Standard Applications..........................................398Measuring Reliability and Performance....................................................399Using the Performance Monitor .......................................................400Using the Reliability Monitor............................................................402Protecting System Data ...............................................................................403Performing a system backup ............................................................403Performing a system restore.............................................................406Performing Disk Management Tasks .........................................................408Performing share and storage management...................................408Performing disk management...........................................................410Defragmenting the hard drive...........................................................411Automating Diagnostic Tasks with Task Scheduler.................................412Discovering the task status...............................................................412Using preconfigured tasks.................................................................413Creating your own tasks....................................................................415Working with Remote Desktop...................................................................415Creating a connection........................................................................415Setting the display..............................................................................41702_180440 ftoc.qxp 3/14/08 5:46 PM Page xiv 17. Table of Contents xvAccessing local resources.................................................................418Running a configuration program ....................................................419Optimizing performance....................................................................420Creating a Windows Recovery Disc...........................................................421Chapter 6: Working at the Command Line . . . . . . . . . . . . . . . . . . . . . . .423Opening an Administrative Command Line..............................................424Configuring the Command Line..................................................................427Setting the window options ..............................................................427Changing the font ...............................................................................429Choosing a window layout ................................................................429Defining the text colors .....................................................................430Setting Environment Variables ...................................................................431Using the Environment Variables dialog box..................................432Using the Set command.....................................................................433Obtaining Help at the Command Line .......................................................434Understanding Command Line Symbols...................................................436Part IV: Networking ..................................................437Chapter 1: An Overview of Windows Server 2008 Networking . . . .439Understanding the New Windows Server 2008 Networking Features...440An Overview of the Network and Sharing Center....................................441Understanding How UAC Affects Networking ..........................................444Considering TCP/IP Configuration.............................................................445Understanding DHCP...................................................................................446Understanding DNS......................................................................................446Understanding WINS....................................................................................447Chapter 2: Performing Basic Networking Tasks . . . . . . . . . . . . . . . . .449Viewing the Network Properties ................................................................450Displaying a Network Map ..........................................................................453Connecting to Another Network ................................................................454Connect to the Internet .....................................................................455Set up a dial-up connection...............................................................457Connect to a workplace.....................................................................458Managing Network Connections ................................................................462Working with Client for Microsoft Networks ..................................463Understanding the Internet protocol settings................................463Installing new networking features ..................................................465Uninstalling network features...........................................................467Chapter 3: Accomplishing Advanced Networking Tasks . . . . . . . . .469Working with Terminal Server....................................................................469Using the default utilities ..................................................................470Configuring user-specific Terminal Services settings....................47802_180440 ftoc.qxp 3/14/08 5:46 PM Page xv 18. Windows Server 2008 All-In-One Desk Reference For DummiesxviConfiguring and using TS Licensing.................................................480Understanding TS Session Broker....................................................485Working with Remote Access Services .....................................................485Network Policy Server (NPS)............................................................485Health Registration Authority (HRA)...............................................490Host Credential Authorization Protocol (HCAP)............................491Using the NetSH Command Line Utility.....................................................492Chapter 4: Diagnosing and RepairingNetwork Connection Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .499Using the Diagnose and Repair Feature ....................................................500Repairing Individual Connections..............................................................502Overcoming Common Configuration Errors.............................................504Configuring the User Settings Correctly....................................................506Setting the Profile tab ........................................................................507Setting the Environment tab .............................................................508Setting the Sessions tab.....................................................................509Part V: Security ........................................................511Chapter 1: Understanding Windows Server 2008 Security . . . . . . . .513Working with Basic Windows Security......................................................514Understanding the concepts of authentication..............................514Understanding the concepts of authorization................................515Understanding access tokens...........................................................516Understanding security descriptors................................................517Understanding ACLs ..........................................................................518Working with .NET Security........................................................................519Considering the .NET security features...........................................520Understanding role-based security..................................................521Understanding code access security...............................................525Configuring File and Folder Security .........................................................527Setting file and folder security..........................................................527Managing user encryption file certificates .....................................530Creating a Local Security Policy.................................................................532Using the Security Configuration Wizard..................................................532Chapter 2: Configuring Shared Resources . . . . . . . . . . . . . . . . . . . . . .539Comparing Shares with Security................................................................540Sharing Resources........................................................................................541Working with storage media .............................................................542Working with printers........................................................................545Sharing other resources ....................................................................546Performing an ICS Setup..............................................................................54702_180440 ftoc.qxp 3/14/08 5:46 PM Page xvi 19. Table of Contents xviiConfiguring an Access Solution with Federated Rights Management...549Working with Active Directory Federated Services (AD FS).........550Working with Active Directory RightsManagement Services (AD RMS) ..................................................552Chapter 3: Configuring Internal Security . . . . . . . . . . . . . . . . . . . . . . . .555Working with Network Access Protection (NAP).....................................556Understanding and Using the User Account Control (UAC)...................559Using UAC to protect your server....................................................560Running tasks as an administrator ..................................................561Understanding automatic privilege elevation ................................562Overriding the UAC settings .............................................................562Managing User Passwords ..........................................................................566Creating a password reset disk.........................................................566Managing your network passwords.................................................567Managing User Certificates.........................................................................571Configuring Startup and Recovery Options..............................................573Chapter 4: Working with the Internet . . . . . . . . . . . . . . . . . . . . . . . . . .575Configuring the Windows Firewall .............................................................576Turning Windows Firewall on or off.................................................576Setting standard application and port exceptions.........................577Assigning Windows Firewall to connections ..................................579Configuring Windows Firewall with Advanced Security .........................579Working with the profile settings .....................................................581Understanding IPSec..........................................................................583Configuring the IPSec settings..........................................................585Working with inbound and outbound rules....................................589Part VI: Windows PowerShell .....................................597Chapter 1: An Introduction to Windows PowerShell . . . . . . . . . . . . .599An Overview of PowerShell ........................................................................600Using PowerShell Effectively ......................................................................601Installing the PowerShell Feature...............................................................602Understanding the Security Issues of Using PowerShell ........................605Performing Simple Tasks with PowerShell ...............................................606Obtaining Help for PowerShell Commands and Utilities ........................607Understanding the Remoting Difference...................................................610Chapter 2: Understanding the .NET Framework . . . . . . . . . . . . . . . . . .613Understanding the .NET Framework Versions .........................................614Locating the .NET Framework on your system ..............................614Understanding the concept of side-by-side versions ....................617Understanding the .NET Framework 3.0 Additions .................................61802_180440 ftoc.qxp 3/14/08 5:46 PM Page xvii 20. Windows Server 2008 All-In-One Desk Reference For DummiesxviiiViewing the Global Assembly Cache .........................................................619Understanding assembly privacy.....................................................620An overview of the GAC entries .......................................................620Removing an assembly using Windows Explorer...........................621Viewing assembly properties using Windows Explorer ................622Working with Common .NET Framework Utilities ...................................623Placing assemblies in the GAC..........................................................623Registering assemblies before using them......................................625Chapter 3: Working with Scripts and Cmdlets . . . . . . . . . . . . . . . . . . .627An Overview of the Common Scripts and Cmdlets .................................627Executing a Common Script or Cmdlet .....................................................629An overview of command line and PowerShellcomparable activities.....................................................................629Working with COM objects in PowerShell.......................................630Combining multiple steps .................................................................633Working from Another Location.................................................................636Chapter 4: Creating Your Own Scripts and Cmdlets . . . . . . . . . . . . . .637Creating a New Shell Extension..................................................................637Creating a PowerShell Script ......................................................................641Working with scripts and shells .......................................................642Creating a simple script.....................................................................642Running the script..............................................................................645Defining a Script Policy ...............................................................................646Creating a PowerShell Cmdlet ....................................................................647Compiling the Cmdlet executable ....................................................648Using the Make-Shell utility to create the shell ..............................649Part VII: IIS..............................................................651Chapter 1: Understanding the New Interface . . . . . . . . . . . . . . . . . . . .653Working with the Start Page .......................................................................654Considering Application Pools...................................................................656Understanding FTP Site Configuration......................................................657Considering the IIS Icons.............................................................................657An overview of the ASP.NET features ..............................................659An overview of the IIS features.........................................................667An overview of the Management features.......................................677Chapter 2: Performing Basic Configuration Tasks . . . . . . . . . . . . . . .679Installing and Configuring SMTP Support.................................................680Understanding the purpose of SMTP in IIS 7 ..................................680Configuring an SMTP server .............................................................682Configuring a pickup directory.........................................................682Redirecting Web Sites..................................................................................68302_180440 ftoc.qxp 3/14/08 5:46 PM Page xviii 21. Table of Contents xixHandling HTTP Responses..........................................................................684Configuring a standard response header........................................685Configuring a custom response header...........................................686Working with Data........................................................................................687Configuring MIME types ....................................................................687Configuring handlers .........................................................................692Configuring modules..........................................................................699Understanding and Using ISAPI..................................................................702Working with ISAPI extensions .........................................................702Managing ISAPI filters ........................................................................703Understanding and Performing Feature Delegation ................................705Changing the overall level of delegation .........................................706Changing the custom delegation for a Web site.............................706Correcting delegation mistakes........................................................707Chapter 3: Working with Scripted Applications . . . . . . . . . . . . . . . . .709Understanding the Scripted Application Support ...................................709Working with CGI Applications...................................................................710Working with ASP Applications..................................................................711Changing the application behavior..................................................712Compiling the application.................................................................717Configuring application services......................................................720Considering Scripted Application Security...............................................725Securing a CGI application ................................................................726Securing an ASP application .............................................................726Defining ISAPI extension and CGI restrictions................................726Chapter 4: Working with ASP.NET . . . . . . . . . . . . . . . . . . . . . . . . . . . . .731Understanding ASP.NET ..............................................................................732Considering ASP.NET and Data Connectivity ...........................................732Managing providers ...........................................................................733Managing connection strings............................................................739Installing ASP.NET Applications .................................................................742Determining when to create an application....................................743Adding a new application..................................................................743Converting a folder or virtual directory to an application ...........744Configuring ASP.NET Applications.............................................................745Changing application behavior with application settings ............745Managing session state......................................................................746Chapter 5: Configuring an FTP Server . . . . . . . . . . . . . . . . . . . . . . . . . .751Understanding FTP Site Prerequisites.......................................................751Managing FTP Server with the Graphical Interface.................................753Accessing the FTP features...............................................................753Modifying the FTP Site tab ................................................................754Modifying the Security Accounts tab ..............................................755Modifying the Messages tab .............................................................756Modifying the Home Directory tab ..................................................75602_180440 ftoc.qxp 3/14/08 5:46 PM Page xix 22. Windows Server 2008 All-In-One Desk Reference For DummiesxxSaving your configuration .................................................................757Restoring your configuration............................................................757Managing FTP Servers with the FTP Utility ..............................................758Setting Security for Your FTP Site..............................................................760Chapter 6: Configuring IIS Security . . . . . . . . . . . . . . . . . . . . . . . . . . . .763Obtaining a Certificate.................................................................................764Understanding the importance of certificates ...............................764Importing an existing certificate ......................................................765Creating a certificate request ...........................................................766Completing a certificate request......................................................768Creating a domain certificate............................................................768Creating a self-signed certificate ......................................................772Configuring SSL on IIS..................................................................................772Creating an HTTPS binding ...............................................................773Defining the server settings..............................................................774Defining the client settings................................................................775Configuring ASP.NET Security ....................................................................776Defining trust levels ...........................................................................777Managing roles....................................................................................778Managing users...................................................................................779Part VIII: Services .....................................................781Chapter 1: An Overview of Windows Server 2008 Services . . . . . . .783Understanding How Services Work ...........................................................784An Overview of the Basic Windows Services ...........................................786Understanding the Windows Management Instrumentation (WMI)......800Configuring the WMI Control Properties ..................................................801Performing a backup..........................................................................802Performing a restoration ...................................................................802Setting WMI security..........................................................................803Changing the default namespace for scripting...............................804Chapter 2: Monitoring and Configuring Services . . . . . . . . . . . . . . . .805Using the Services Console.........................................................................805Starting and stopping services.........................................................806Pausing and continuing services......................................................807Working with service properties......................................................807Modifying Service Status Using Task Manager.........................................812Working with the SC Command Line Utility..............................................814Chapter 3: Using Application-Specific Services . . . . . . . . . . . . . . . . .823Defining an Application-Specific Service...................................................824Locating Application-Specific Services .....................................................82602_180440 ftoc.qxp 3/14/08 5:46 PM Page xx 23. Table of Contents xxiWorking with Application-Specific Services As Needed..........................829Starting and stopping application-specific services......................829Configuring an application-specific service start-up.....................831Changing the application-specific service logon settings.............832Modifying the application-specific service recovery features .....833Understanding security required byapplication-specific services.........................................................833Considering special application-specificservice configuration needs..........................................................834Index........................................................................83502_180440 ftoc.qxp 3/14/08 5:46 PM Page xxi 24. Windows Server 2008 All-In-One Desk Reference For Dummiesxxii02_180440 ftoc.qxp 3/14/08 5:46 PM Page xxii 25. IntroductionMicrosoft is determined to make a better operating system, and the com-pany accomplished that goal with Windows Server 2008. Reliability,performance (as long as you have the required hardware), and security are allimproved. In fact, security takes a front seat with Windows Server 2008. InWindows Server 2008 All-in-One Desk Reference For Dummies, you discoverjust how profound these changes are. I found myself impressed by many ofthe new features that Microsoft added and feel that the company has done agood job of putting together this version of Windows.You come across many things to like in Windows Server 2008. Of course,you find the usual new features. Anyone who hasnt seen IIS 7 should lookbecause Microsoft finally provides a cleaner, easier-to-use interface with lotsof good changes underneath. The new, managed version of IIS providesbetter performance because it doesnt load everything (whether you need itor not). In addition, you find significant security improvements, better relia-bility, and full support for ASP.NET. Thats right! You can finally work withthe developer to create a fully configurable managed Web application thatcan produce impressive results.Security is a front-line consideration for Windows Server 2008. Microsoftattempts to secure everything in this version of Windows. For example,BitLocker encryption helps ensure that your data remains safe, even whensomeone sends an old computer to the dump without erasing the hard drivefirst. Reliance on User Account Control (UAC) ensures that even administra-tors cant accidentally thwart an organizations efforts to maintain a secureenvironment. Everything is also locked down better. No longer doesMicrosoft leave all the security doors open and hope that you lock themlater. Windows Server 2008 All-in-One Desk Reference For Dummies makes aspecial effort to describe all the security changes.Unfortunately, nothing comes free. Spend more than a little time with WindowsServer 2008 and youll find that some changes break applications and causeother problems. This book also helps you overcome any potential obstaclesthat can interfere with your Windows Server 2008 computing experience. Thething that impressed me most, however, was that the number of breakingchanges is quite small, especially when you consider the considerablenumber of good changes you receive. Even so, Windows Server 2008 All-in-One Desk Reference For Dummies wont leave you in the lurch to figure outthe small number of changes that break applications this book is allabout finding the solutions you need.03_180440 intro.qxp 3/12/08 10:40 PM Page 1 26. About This Book2About This BookWindows Server 2008 All-in-One Desk Reference For Dummies provides every-thing needed to perform common administration tasks with Windows Server2008. No, you wont find arcane material in this book, because I took extratime to ensure that you have the material you need for everyday tasks.Everything from installation to figuring out why a user cant gain access toresources on the server appears in this book in considerable detail. You alsosee procedures for all common tasks everything from setting up InternetConnection Sharing (ICS) to promoting your server to a domain controller.Procedures and topical information are nice, but this book goes much further.Sometimes its hard to know how to proceed with Windows Server 2008. Thisproduct contains so many features that you can easily become lost and installthe wrong features for your needs. This book provides insights into whenyou need a feature and how best to use the feature to meet your organizationsneeds. Although I cant guess about every need you might have, you findcommon needs addressed in this book. For example, when you need todecide between installing a workgroup or a domain controller, you find thepros and cons of both setups in this book.My main goal in writing this book is to provide you with useful tools andinformation. Windows Server 2008 is an amazing piece of software, despitewhat many people may think about it. Navigating the labyrinth of featuresrequires a good tool, and Windows Server 2008 All-in-One Desk Reference ForDummies is the tool you need. In reading this book, you discover the good,the bad, the overlooked, the surprising, and everything else that makesWindows Server 2008 unique.Conventions Used in This BookI always try to show you the fastest way to accomplish any task. In manycases, this means using a menu command, such as StartProgramsAccessoriesWindows Explorer. When working with dialog boxes, I tell youwhich tab to access first and then which feature to use on that tab.Whenever possible, I use shortcut keys to help you access a command faster.In some cases I provide multiple methods for accessing a feature so that youcan use the method thats most convenient at the time. For example, you candisplay the Task Manager by pressing Ctrl+Alt+Delete and clicking Task Manageron the Windows Security dialog box or by right-clicking the Taskbar andchoosing Task Manager from the context menu.03_180440 intro.qxp 3/12/08 10:40 PM Page 2 27. What You Should Read 3This book also uses special type to emphasize some information. For example,entries that you need to type appear in bold. All code, Web site URLs, andon-screen messages appear in monofont type. Whenever I define a newword, you see that word in italics. Italics are also used to denote placeholders.Because you use multiple applications when youre working with WindowsServer 2008, I always point out when to move from one application to thenext. When a chapter begins, I introduce the main topics for that chapter,which likely includes a combination of theory, usage suggestions, best prac-tices, and procedures.What You Should ReadWindows Server 2008 has a considerable array of new features, and Microsofthas changed the way many features work. Even experienced administratorswill want to begin by reading Book I, Chapter 1 because it contains an overviewof Windows Server 2008 features and tells you where to find details aboutthese features in the book. You can find features by reviewing the table ofcontents and the index, but Book I, Chapter 1 provides a short descriptionof each feature that helps you determine whether you need to read moreinformation about that feature.Anyone who hasnt performed a number of Windows installations in the pastwill definitely want to read the rest of Book I because its easy to get lost withoutthis information. Microsoft provides a number of new tools as part of the bootmanager, so you want to read about these tools in case you experience an errorduring installation.Everyone will want to read Book II, Chapter 1 next because it provides adescription of every role and feature that Windows Server 2008 provides. Ifyou dont know the difference between a role and a feature, this chapterexplains it to you. Older versions of Windows dont include the concept ofroles and features, so this information is exceptionally important even to theexperienced administrator.Where you go next depends on how you plan to use your server. Before youspend a lot of time configuring your server, however, you may want to readBook II, Chapter 4 and Book II, Chapter 5 to determine whether you want tocreate a workgroup or a domain. The choice may seem obvious, but WindowsServer 2008 provides enough surprises that you want to make your decisionbased on the new functionality that Windows Server 2008 offers. In somecases, you can use a simpler workgroup configuration where you may haveneeded a domain controller in the past.03_180440 intro.qxp 3/12/08 10:40 PM Page 3 28. What You Dont Have to Read4The names of many administrator tools are the same as in past versions ofWindows. In some cases, the tools even look like those past versions. Evenso, you want to review Book III, Chapter 1 next to ensure that you understandhow the various administrator tools have changed. Some tools, such as thoseprovided with IIS 7, are so different that everyone will want to read aboutthem before installing the associated role or feature.What You Dont Have to ReadThe best way to approach this book is to read the overview of a topic first.When you find that you need additional information, proceed next to the sec-tions that contain best practices and then to the procedures that describe howto work with the feature. In most cases, you dont gain anything of value byreading everything about the topic when you dont plan to use the targetfeature.Most chapters contain some advanced material that will interest only somereaders. In most cases, this material appears in sidebars or in separate sections.The introductory text tells you that the section contains advanced material.When you see an advanced-material warning, you can feel free to skip theentire section without missing anything valuable for less-skilled readers.You can also skip any material marked with a Technical Stuff icon. This mate-rial is helpful, but you dont have to know it to work with Windows Server2008. I include this material because I find it helpful in my administrationefforts and hope that you will, too.Foolish AssumptionsYou might find it difficult to believe that Ive assumed anything about you after all, I havent even met you! Although most assumptions are, indeed,foolish, I made these assumptions to provide a starting point for the book.Im assuming youve worked with Windows long enough to know how thekeyboard and mouse work. You should also know how to use menus and otherbasic Windows features. If you havent worked with Windows and Windowsapplications for a while, you may find some concepts in this book difficult tounderstand.You must also have some level of administrative privileges. Many of theprocedures and configuration tips in this book wont work without the properrights. Windows may not even make the required feature visible to you.03_180440 intro.qxp 3/12/08 10:40 PM Page 4 29. How This Book Is Organized 5Its important that you test new procedures and configuration tasks on a testserver. Dont use a production server to perform the task the first time becauseeven with the best instructions, you can make mistakes. Im also assuming thatyou have the minimum hardware required to work with Windows Server 2008,that you have drivers and software compatible with Windows Server 2008, andthat you perform proper maintenance (such as backups) on your server.How This Book Is OrganizedThis book contains several minibooks. Each minibook demonstrates aparticular Windows Server 2008 concept. In each minibook chapter, I discussa particular topic and include examples of how to perform required configurationtasks.Book I: Installation and SetupThe first minibook contains everything you need to install Windows Server2008 and perform a basic setup. This book describes the new WindowsServer 2008 features and helps you understand why theyre important. Youalso discover the requirements for working with various editions of WindowsServer 2008 and even the new Windows version, Windows Server 2008 ServerCore. You want to at least skim this minibook because Windows Server 2008includes boot diagnostics and a new way of setting the boot settings, amongother changes that could confuse even experienced administrators.Book II: ConfigurationAfter you install and perform a basic setup of Windows Server 2008, you wantto perform some configuration tasks. Unlike with previous versions of Windows,Microsoft doesnt assume anything about you. Consequently, when you startWindows Server 2008 the first time, you dont have any functionality noteven a file server. This minibook introduces you to the vast array of rolesand features that Windows Server 2008 provides. You also see how to installand configure your hardware, work with the Control Panel, create work-groups, and promote your server to a domain controller.Book III: AdministrationWhen you reach this minibook, your server is running and configured. Thisminibook describes the next step, which is to perform basic administrationtasks. You first discover the tools found in the Administrative Tools folder ofthe Control Panel and then move on to setting group policies and configuringthe registry. All these tasks are common to any Windows Server 2008 setup.This minibook also provides information on working with Active Directorythat you can use when working with a domain controller. A special chapter03_180440 intro.qxp 3/12/08 10:40 PM Page 5 30. How This Book Is Organized6on performing standard maintenance tasks will help you keep your server atpeak performance. Finally, this minibook contains some basic informationabout working at the command line. Although you can perform most admin-istration tasks without ever seeing the command line, you still need to knowabout the command line to perform a few special tasks discussed in otherplaces in this book.Book IV: NetworkingA server isnt much good if you cant use it to share resources with othercomputers, printers, users, and any other entity you can think of. This mini-book provides some good theoretical information about how networks work,best practices you can use to ensure that your network works as intended,and procedures you can use to install required roles and features. You alsofind techniques you can use to maintain your network, discover errors whenthey exist, and verify that your network interacts with others safely.Book V: SecurityIf you find Microsofts security confusing, youre not alone. Just about everyadministrator finds Microsofts security strategy confusing, which is whymany servers lack proper security controls. This minibook helps clear awaythe confusion. You get good theoretical information on how security works,best practices for implementing security in your organization, a completedescription of both standard and managed security, and procedures forworking with both kinds of security. When you complete this minibook, youhave the tools required to create a secure environment, and you understandwhat youre doing (no more confusion).Book VI: Windows PowerShellLets face it: The command prompt provided with previous versions of Windowshas been around since the days of DOS. Just in case you dont remember DOS, itwas Microsofts original cash cow in the days of the early computer. (You cansee an interesting history of DOS at http://www.computerhope.com/history/dos.htm.) Windows PowerShell is the new command prompt. Itprovides better security, a complete scripting language, access to the .NETFramework (and all it provides), and better access to the operating system.In addition, Windows PowerShell comes with truly useful help.This new command line is such a radical change from what has gone in thepast that I decided to devote an entire minibook to the topic. What you cando with Windows PowerShell will amaze you and, more importantly, saveyou a lot of time. This minibook provides you with a helpful overview ofWindows PowerShell, describes how to use it, provides some examples thatyou can use on your own server, and even describes how to implement yourown scripts and Cmdlets.03_180440 intro.qxp 3/12/08 10:40 PM Page 6 31. Icons Used in This Book 7Book VII: IISForget everything you know about IIS of the past because IIS 7 has nothing incommon with those earlier products. In fact, Microsoft should have come upwith a different name for this application. IIS 7 is a new Web server with somany neat features that youll want to install it even if you dont need a Webserver, just to see how this new product works. Everything from the userinterface to the underlying technology is different. The best part about IIS 7is that it works better than any previous version of IIS. This is the must-havefeature of Windows Server 2008! This minibook describes the new interface,tells you a little about the inner workings of IIS 7, and describes how toperform common configuration tasks.Book VIII: ServicesServices may not seem interesting, and they dont normally receive muchcoverage in books. Unfortunately, services are at the center of everythingthat Windows Server 2008 does. You cant even start the operating systemwithout the proper services in place. This minibook seeks to right a wrong inthe services coverage you may have seen in the past. Rather than makeservices a second-class citizen, this minibook helps you understand the truevalue of services to your server. In addition, you discover some interestingnew best practices for services and even learn about a dirty secret concerningservices and viruses. Thats right: Viruses can hide on your server in theform of services, and this minibook tells you all about it.Icons Used in This BookAs you read this book, you see icons in the margins that indicate material ofinterest (or not, as the case may be). This section briefly describes eachicon used in this book.Tips are nice because they help you save time or perform some task withouta lot of extra work. The tips in this book are timesaving techniques or pointersto resources that you should try in order to get the maximum benefit fromWindows Server 2008.I dont want to sound like an angry parent or some kind of maniac, but youshould avoid doing anything marked with a Warning icon. Otherwise, youcould find that your server melts down and takes your data with it.Whenever you see this icon, think advanced tip or technique. You might findthese tidbits of useful information just too boring for words, or they couldcontain the solution that you need to get a program running. Skip these bitsof information whenever you like.03_180440 intro.qxp 3/12/08 10:40 PM Page 7 32. Where to Go from Here8If you dont get anything else out of a particular chapter or section, rememberthe material marked by this icon. This material usually contains an essentialprocess or bit of material that you must know to work successfully withWindows Server 2008.Where to Go from HereIts time to start your Windows Server 2008 adventure! I recommend thateveryone start with Book I, Chapter 1 because Windows Server 2008 containsso many new features that you need to know about to receive the full benefitof this product.03_180440 intro.qxp 3/12/08 10:40 PM Page 8 33. Part IInstallationand Setup04_180440 pp01.qxp 3/12/08 10:40 PM Page 9 34. Contents at a GlanceChapter 1: An Overview of Windows Server 2008............................................................11Chapter 2: Using the Boot Diagnostics ................................................................................31Chapter 3: Performing the Basic Installation ....................................................................55Chapter 4: Performing Initial Configuration Tasks............................................................8304_180440 pp01.qxp 3/12/08 10:40 PM Page 10 35. Chapter 1: An Overviewof Windows Server 2008In This Chapter Understanding the new features of Windows Server 2008 Choosing the right Windows Server 2008 edition Working with Windows Server 2008 Server Core Working with Windows Server Manager Working with Windows PowerShell Using new Terminal Services featuresMicrosoft tries to improve each version of Windows Server. Most newversions offer improved reliability, performance, and security. They alsoinclude a wealth of new features. Windows Server 2008 is no different in thisregard. Youll find that it includes many new capabilities, some of which youlluse today, some tomorrow, and some youll never need. The only problem isfiguring out what the new features are and whether you really do want them.This chapter provides an overview of Windows Server 2008 features and helpsyou understand their importance to your organization. Of course, youll needto decide how these features answer your organizations needs.Youre probably expecting many of the new features. For example, Microsoftis introducing yet more new printing and storage management features.Depending on your hardware configuration, you may consider some of thesefeatures long overdue.Windows Server 2008 also includes a new version of Internet InformationServer (IIS) thats so different from what you used in the past that you mightnot even recognize it as the same product. (For this reason, youll find anentire minibook, Book VII, dedicated to the topic.) Of course, Microsoft doessomething different with IIS in every version of Windows, so you probablyexpected this change in part.The most radical change is the new Windows Server 2008 Core Services,which is a Windows without windows. Thats right: All you get is a commandprompt with this version of Windows. Fortunately, Microsoft has a goodreason for creating this version of Windows Server 2008, and you should05_180440 bk01ch01.qxp 3/12/08 10:40 PM Page 11 36. An Overview of Major New Features in Windows Server 200812read about it in the Understanding Windows Server 2008 Server Coresection of this chapter. With all these changes in mind, you find that the fol-lowing sections help you prepare for the new Windows Server 2008 update.An Overview of Major New Featuresin Windows Server 2008Windows Server 2008 includes a host of new features, and I explore all of themsomewhere in this book. However, some features warrant a special mentionbecause theyre more substantial than some of the tweaks that Microsoft usu-ally makes. The following sections dont provide a complete list of every newfeature youll find in Windows Server 2008; rather, they provide an overviewof the features that really make a difference.BitLocker drive encryptionBitLocker, a new feature in Vista, has also made its way into Windows Server2008. This particular feature has the potential to improve system securityimmeasurably when it comes to tampering. Because Windows encrypts theentire hard drive, anyone attempting to read the hard drive outside the serverwont get very far. In addition, someone cant even start the server withoutthe required information because the hard drive encryption keeps the datacompletely locked (including the Windows boot code) until you provide therequired code.This feature makes a lot more sense on a laptop or other machine that leavesyour premises regularly. Someone leaving a laptop sitting in a public locationwont then compromise all that precious data you worked so hard to accumu-late. However, using BitLocker does mean that you dont have to worry asmuch about someone gaining access to company data when you perform anupgrade of the hardware. Even if your assistant forgets to wipe the hard drive,no one can get to the data at the recycling center. Youll find a completediscussion of this topic in the Encrypting Your Hard Drive Using BitLockersection of Book II, Chapter 2.Enhanced Windows FirewallMicrosoft has been working hard to improve the security of Windows. Onemethod its employing is to make it harder for outsiders to gain entry to theserver while making it easier for the network administrator to perform therequired configuration. The Windows Firewall in Windows Server 2008 isconsiderably easier to use than in previous versions of Windows, and itprovides additional functionality. The initial display says it all by providingyou with a quick indicator of firewall status, as shown in Figure 1-1.05_180440 bk01ch01.qxp 3/12/08 10:40 PM Page 12 37. Book IChapter 1AnOverviewofWindowsServer2008An Overview of Major New Features in Windows Server 2008 13Windows Firewall is also considerably easier to configure than in the past. ClickChange Settings and youll see the dialog box shown in Figure 1-2. The Generaltab lets you turn the firewall on or off. You use the Exceptions tab to configureWindows Firewall to allow individual applications to communicate with the out-side world. The Advanced tab lets you configure individual network connections.Youll find a complete discussion of this topic in the Configuring the WindowsFirewall section of Book V, Chapter 4.Figure 1-2:Configuringthe firewallisconsiderablyeasier thanin the past.Figure 1-1:The newfirewallmakes iteasy todetect itscurrentstatus.05_180440 bk01ch01.qxp 3/12/08 10:40 PM Page 13 38. An Overview of Major New Features in Windows Server 200814Federated rights managementWindows Server 2008 includes a number of new roles, one of which is ActiveDirectory Federation Services (AD FS). This feature lets an administrator definean access identity across a network even if the access occurs over the Internet.In addition, this feature relies on the role-based security built into the .NETFramework. Consequently, when someone logs in to the system, they have therights defined by their role. A manager may have only manager rights whenlogging in from a local system they may actually appear in the user rolelogging in from the Internet.The AD FS role works across platforms, so it no longer matters if your networkcontains a mix of Windows, Linux, and Macintoshes. The administrator canalso provide role-based authorization to Windows SharePoint Services (WSS)and Rights Management Services (RMS) for a federated partner. A new GroupPolicy feature lets the administrator limit federation service deployment. Itsalso possible to check on certificates by using the certificate-revocation-checking settings.A second Windows Server 2008 role is Active Directory Rights ManagementServices (AD RMS). This service provides the means to attach usage rightsto the data on your server. The rights to that data remain persistent no matterwhere someone moves it. You would use this feature to provide security forsensitive documents, such as financ

Windows server 2008 all in one desk reference for dummies

Documents

Transcript of Windows server 2008 all in one desk reference for dummies